rpm package
suse/ffmpeg&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-51794 | — | < 3.4.2-150200.11.47.1 | 3.4.2-150200.11.47.1 | Apr 26, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69. | ||
| CVE-2023-50010 | — | < 3.4.2-150200.11.44.1 | 3.4.2-150200.11.44.1 | Apr 19, 2024 | FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component. | ||
| CVE-2023-49502 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component. | ||
| CVE-2024-31578 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Apr 17, 2024 | FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. | ||
| CVE-2022-48434 | — | < 3.4.2-150200.11.28.1 | 3.4.2-150200.11.28.1 | Mar 29, 2023 | libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-vid | ||
| CVE-2021-38094 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||
| CVE-2021-38091 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||
| CVE-2021-38090 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||
| CVE-2020-20898 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. |
- CVE-2023-51794Apr 26, 2024affected < 3.4.2-150200.11.47.1fixed 3.4.2-150200.11.47.1
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69.
- CVE-2023-50010Apr 19, 2024affected < 3.4.2-150200.11.44.1fixed 3.4.2-150200.11.44.1
FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.
- CVE-2023-49502Apr 19, 2024affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
- CVE-2024-31578Apr 17, 2024affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
- CVE-2022-48434Mar 29, 2023affected < 3.4.2-150200.11.28.1fixed 3.4.2-150200.11.28.1
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-vid
- CVE-2021-38094Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
- CVE-2021-38091Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
- CVE-2021-38090Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
- CVE-2020-20898Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.